Last week I researched a few different configuration management tools.\u00a0 Configuration Management is the art, or act of managing lots of computers in some organized fashion.\u00a0 The act of managing a computer involves what is put on the machine as far as software and also figuring out permissions, environmentals etc.\u00a0 The problem isn’t complex when you deal with maybe 1 or 5 machines.\u00a0 However, when you have a cluster, or a cloud, then having a good way to manage them all becomes very important.<\/p>\n
In the world I came from, High Performance Computing, the job was a bit easier because every machine was identical.\u00a0 Every ‘node’ did the same thing.\u00a0 The only difference was the IP address, MAC address, and hostname.\u00a0 Everything else was identical.\u00a0 We never did any management other than the initial install plus some post scripts to make sure they were configured perfect.\u00a0 We could spend a few good solid days making sure our postscripts were perfect.\u00a0 That way if a machine died, or a new one needed to be added, installing it was trivial.\u00a0 In this we never needed any post configuration management.\u00a0 In addition the packages required were rather simple because a lot of the required files, libs, and programs were contained on the distributed file system. (NFS, GPFS, or some other way)<\/p>\n
Another point to all this is that we usually kept our nodes ‘stateless’, or in other words ‘ram-root’ as it is called.\u00a0 Ram-root just means that the entire operating system resides in memory.\u00a0 You may say “wow, that’s a lot of memory” but keep in mind, the entire OS for HPC environments, including the memory hogging InfiniBand modules could be loaded in less than 200MB image.\u00a0 So when your modern Nehalem machines are usually equipped with 24GB of ram, then what is a measly 200MB of ram?\u00a0 Plus your system runs better cause its only doing what you want.\u00a0 This is all made possible via xCAT.<\/p>\n
But, I digress.\u00a0 The world of cloud computing is different.\u00a0 There are different OSes, different applications, and we’re dealing with a very heterogeneous environment.\u00a0 Thus configuring the software on all of these machines is not as trivial of a problem.\u00a0 It’s no longer just one image that you need to be concerned about – it’s many!<\/p>\n
Rather than creating my own, (which is never a good idea when there are so many great solutions available), I went to take a look at what was out there.<\/p>\n
The most promising that I saw were:<\/p>\n
Never the less, let me give some info on what I found:<\/p>\n
This tool was created by Mark Burgess.\u00a0 There is an interesting talk he gave to google that is available on YouTube here<\/a>.\u00a0 cfengine seems to be the most venerable and developed, but it seems from the mailing lists I’ve read that it’s seem to lost its luster in favor of puppet.<\/p>\n Puppet seems to be what all the cool kids are using these days.\u00a0 The web site is very well developed, the documentation seems to be organized well and far better than cfengine nor anything else I looked at.\u00a0 This really impressed me:\u00a0 If you want to make a good open source tool that everyone uses you need to do two things right:<\/p>\n 1.\u00a0 You have to present it well on a web site with clear documentation, customer testimonials, and all kinds of good information.<\/p>\n 2.\u00a0 You need to have to make it easy to use, get, install.\u00a0 IT is too complicated these days.\u00a0 No one wants to spend hours learning something.\u00a0 The easier you can make it to use the more successful it will be.<\/p>\n Puppet may not be better than cfengine (though I think they think it is) and it may not be better than bcfg2.\u00a0 But the presentation is worlds better, and that makes people want to use it.\u00a0 It invites you to use it.\u00a0 xCAT can take a page from that and it’s made me want to double my efforts in revamping the web page.<\/p>\n This shouldn’t be a surprise either.\u00a0 After all, this is what Apple does.\u00a0 They’re a marketing company.\u00a0 Presentation is everything.\u00a0 A good presentation, a good feel, and ease of use will make a tool stand out, even if it isn’t that much better than the rest in the pack.<\/p>\n Part of the marketing is that the person who started puppet used to code vigorously for cfengine adding lots of modules before striking out on his own.\u00a0 This gives people the idea that puppet is the next generation of cfengine.\u00a0 Its a good story.\u00a0 The ease of use is there, and so just on that alone, I can see why its all the rage now days.<\/p>\n bcfg2 or ‘bconfig’ seems to be the lone wolf of the pack.\u00a0 It’s web site even mentions that it doesn’t get as much press as it probably should.\u00a0 Well, what do you expect?\u00a0 This is a national lab full of unsexy engineers.\u00a0 (no offense guys\/gals).\u00a0 They’re engineers developing tools.\u00a0 Having said that, Ti Leggett and I spoke and he showed me all the cool things bcfg2 could do.\u00a0 The modules in there seemed very cool as well as the client\/server implementation.<\/p>\n So where does this leave me?\u00a0 Which one do you choose?\u00a0 Well, I hate to say it, but in my situation, I was looking for a solution that could handle an NFS root boot up.\u00a0 It was apparent that they could all handle this in a postscript bring up, but the solutions seemed to fall short when we got a little more specific:<\/p>\n Consider the case of an organization that want’s their images locked down.\u00a0 (meaning NFS root where nearly everything is read only and can’t be touched)\u00a0 This could be a large global organization so \/etc\/resolv.conf in a lab in Spain isn’t going to be the same as one in Montreal, even though they’re all using the same installation source.\u00a0 Never the less you want \/etc\/resolv.conf to boot up as a non-writable file, preferably nfs mounted.\u00a0 Sure the user could unmount the file and then change it as root, however no changes they make would stick.<\/p>\n It was a situation such as that where I couldn’t make use of these tools.\u00a0 Perhaps someone knows of a way to do it, but it seems to me that such a tool would need to be integrated into the creation of the ram disk.\u00a0 In addition this global traversing would have to go through a hierarchy of directories:<\/p>\n \/foo\/globalfiles\/<\/p>\n \/foo\/usafiles\/<\/p>\n \/foo\/newyorkcity\/<\/p>\n \/foo\/datacenter3\/<\/p>\n All of these directories may contain an \/etc\/resolv.conf or a SSH known-host keys that have to be integrated and concatenated down.\u00a0 Perhaps we could look at it from an object perspective instead and this would allow us to see if a node belongs to a particular class.\u00a0 If so how do you establish the hierarchy?\u00a0 It didn’t seem to me that the above tools could handle that.\u00a0 Maybe I’m wrong.<\/p>\n But I think like a lot of other people I would go with Puppet.\u00a0 Not because it’s technically better but because the crowd mind would look like this:<\/p>\n 1. If everyone’s doing it, then its going to stick around and I’m not wasting my time learning a dying tool.<\/p>\n 2.\u00a0 It’s so easy to learn cause all this documentation, then its not going to take me a long time.<\/p>\n Thus we see my friends, and my point:\u00a0 Sexy wins.<\/p>\n","protected":false},"excerpt":{"rendered":" Last week I researched a few different configuration management tools.\u00a0 Configuration Management is the art, or act of managing lots of computers in some organized fashion.\u00a0 The act of managing a computer involves what is put on the machine as far as software and also figuring out permissions, environmentals etc.\u00a0 The problem isn’t complex when…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[920,916],"tags":[],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/64"}],"collection":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=64"}],"version-history":[{"count":1,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/64\/revisions"}],"predecessor-version":[{"id":66,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/64\/revisions\/66"}],"wp:attachment":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=64"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=64"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=64"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Puppet<\/a><\/h2>\n
bcfg2<\/a><\/h2>\n
My decision<\/h2>\n